FortiWLC – Configuring Management Interfaces

Configuring Management Interfaces

The Management Interfaces table (Configuration > Devices > System Settings > Management Interfaces) allows the user to control how traffic is sent from the controller to the wireless network. Refer to the following sections for each tab in the table.

Physical Interfaces

The Physical Interfaces table is where the user may configure the IP information for the physical Ethernet ports on the controller. The number of ports that may be configured will vary depending on the controller model purchased.

Using this functionality, users can isolate management traffic from the rest of the network and route it specifically to the devices for which it is intended. Follow the steps in the section below to create a VLAN interface.

Note: Management VLANs must utilize Interface number 1, so this field cannot be modified.

Tag

Enter a tag for the VLAN.

Configuring Management Interfaces

Field

Description

IP Address

Enter the IP address to be used by the VLAN.

NetMask

Enter the NetMask for the VLAN.

Default Gateway

Enter the gateway to be used by the VLAN.

Assignment Type

Management VLANs can only be implemented on static IP addresses, so this field cannot be changed.

Interface Mode

Management VLANs can only operate on Active interfaces, so this field cannot be changed.

Click Save to save the VLAN. The new VLAN will appear in the VLAN Interfaces table.

Using Static Routes

Static routes allow the system administrator to manually define the adapters that are permitted access to configured subnets. This is of particular use in smaller deployments where only a few routes are needed, or in larger ones where certain subnets must be kept separate from each other. Static routing can also be advantageous in that it doesn’t require the processing power that dynamic routes (in which the network router automatically determines the best delivery path for packets) can.

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services.